TikiWiki tiki-list_faqs.php offset Variable SQL Injection

Description

Vulnerability Description

TikiWiki contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the "offset" variable in the "tiki-list_faqs.php" module is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Solution Description

Upgrade to version 1.8.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

TikiWiki contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the "offset" variable in the "tiki-list_faqs.php" module is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Manual Testing Notes

http://[victim]/tiki-list_faqs.php?find=&offset=[SQL]

References:

All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to content@vulners.com Vulners, 2017